As per 802.1q,valid VLAN ID should be 0-4095
Issue: In Set LAN configuration, able to set VLAN ID out its range.
Fix: Added proper conditions to validate the request.
Tested:
//Setting the VLAN with invalid VLAN ID (4096)
ipmitool -I lanplus -U root -P 0penBmc -H <ip> raw 0x0c 0x01 0x01 0x14 0x00 0x90
0xCC //Invalid data field in request
//Setting the VLAN ID reserved bits with VLAN ID disable
ipmitool -I lanplus -U root -P 0penBmc -H <ip> raw 0x0c 0x01 0x01 0x14 0x00 0x70
0xCC //Invalid data field in request
//Setting the VLAN ID reserved bits with VLAN ID enabled
ipmitool -I lanplus -U root -P 0penBmc -H <ip> raw 0x0c 0x01 0x01 0x14 0x00 0xf0
0xCC //Invalid data field in request
Signed-off-by: Rajashekar Gade Reddy <raja.sekhar.reddy.gade@linux.intel.com>
Change-Id: I03987cff13845bdfb7156367fedee3d78b957651
diff --git a/transporthandler.cpp b/transporthandler.cpp
index d7eef14..e112668 100644
--- a/transporthandler.cpp
+++ b/transporthandler.cpp
@@ -1497,17 +1497,30 @@
}
case LanParam::VLANId:
{
- uint16_t vlanData;
- if (req.unpack(vlanData) != 0 || !req.fullyUnpacked())
+ uint12_t vlanData = 0;
+ uint3_t reserved = 0;
+ bool vlanEnable = 0;
+
+ if (req.unpack(vlanData) || req.unpack(reserved) ||
+ req.unpack(vlanEnable) || !req.fullyUnpacked())
{
return responseReqDataLenInvalid();
}
- if ((vlanData & VLAN_ENABLE_FLAG) == 0)
+
+ if (reserved)
{
- lastDisabledVlan[channel] = vlanData & VLAN_VALUE_MASK;
- vlanData = 0;
+ return responseInvalidFieldRequest();
}
- channelCall<reconfigureVLAN>(channel, vlanData & VLAN_VALUE_MASK);
+
+ uint16_t vlan = static_cast<uint16_t>(vlanData);
+
+ if (!vlanEnable)
+ {
+ lastDisabledVlan[channel] = vlan;
+ vlan = 0;
+ }
+ channelCall<reconfigureVLAN>(channel, vlan);
+
return responseSuccess();
}
case LanParam::CiphersuiteSupport: